Re: SAMBA PERMISSIONS

Fri, 14 Dec 2001 22:31:41 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 10 Dec 2001, Petr Jerabek wrote:
>I need create spec. permission for /FINANCE directory. ONLY the users
>below "valid users = michal marie dana zuzana" should have acces for READ
>and WRITE in /FINANCE directory. The configuration here doesn`t work.
>Also have a problem - how to set FULL RIGHT for read/write inside of
>these folders below (without /FINANCE) without possibility to DELETE
>them?
>
>drwxrwxrwx    9 root     root         4096 Dec 10 11:45 .
>drwxr-xr-x    3 root     root         4096 Dec 10 11:45 ..
>drwxrwxrwx    2 root     root         4096 Dec 10 11:08 FINANCE
>drwxrwxrwx    2 root     root         4096 Dec 10 10:27 KINO
>drwxrwxrwx    2 root     root         4096 Dec 10 09:35 MARKETING
>drwxrwxrwx    3 root     root         4096 Dec 10 09:36 PR
>drwxrwxrwx    2 root     root         4096 Dec 10 09:34 TELEVIZE

Only root has permission to do anything. The easiest way to do this is to
create a group (finance) in /etc/group and add the users to the group.
Then change the permissions and ownsership of the FINANCE directory:

  chown root.finance /FINANCE  (set the group ownership)
  chmod 770 /FINANCE       (prevent access by other users)
  chmod g+s /FINANCE       (group ownership will be inherited by subdirs)

>[public]
>   comment = Public Stuff
>   path = /opt/samba/public
>   read only = No
>   create mask = 0777
>   force create mode = 0777
>   directory mask = 0777
>   force directory mode = 0777
>   guest ok = No
>   wide links = No

You should probably change 0777 to 0770 in all the settings. That will
keep everyone out but members of the finance group. Then add a line to
allow only members of the finance group:

   valid users = @finance


Tony
- -- 
Anthony E. Greene <[EMAIL PROTECTED]> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU generation <http://www.linux.org/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <[EMAIL PROTECTED]> 0x6C94239D

iD8DBQE8Gu46pCpg3WyUI50RAqcOAKDTYz2KbQYaXKy2Qt0dLqpVktV6MACfWSZh
cQ9hanN82QBpRudDE4DmQTg=
=J4WW
-----END PGP SIGNATURE-----



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to